Cyber Security

GoDaddy reveals data breach of 1.2 million WordPress customers

Hosting giant GoDaddy has revealed a data breach of its managed WordPress hosting environment. An “unauthorized third-party access” accessed the hosting environment using a compromised password.

Although the firm is still investigating the issue that it first discovered on November 17th, it has determined that the unauthorized third party accessed data of up to 1.2 million active and inactive Managed WordPress customers since September 6, 2021. The company locked out the attacker before beginning its investigation.

The Compromised Data

According to its blog, the unauthorized third party was able to access the following customer information:

  • Email address and customer number of up to 1.2 million active and inactive Managed WordPress customers.
  • The original WordPress Admin password that was set at the time of unatuthorised access. If those credentials were still in use, GoDaddy has reset those passwords.
  • For active customers, sFTP and database usernames and passwords were exposed. GoDaddy has also reset both passwords.
  • For a subset of active customers, the SSL private key was exposed. GoDaddy is in the process of issuing and installing new certificates for those customers.

The company is contacting all impacted customers and has also informed law enforcement. It has also filed disclosure with the Security and Exchange Commission (SEC).

The compromised emails could lead to phishing attempts. Here’s how to stay alert and steer clear of any such attempt.

Do subscribe to our Telegram group for more resources and discussions on tech-law & policy. To receive weekly updates, don’t forget to subscribe to our Newsletter.

Rohit Ranjan Praveer

Rohit is a practicing advocate at Delhi. Beginning as a tech enthusiast, Rohit always had a keen interest in computer forensics and information security. Building upon these fundamentals, he has undertaken extensive research on various techno-legal topics and continues his pursuit pass on valuable information to the masses, with a zeal to build something that outlasts him.​

Share your thoughts!

This site uses Akismet to reduce spam. Learn how your comment data is processed.